REMARKS 



This paper is responsive to the Office action mailed on June 26, 2006. Favorable 
reconsideration is requested. 

Claims 1-62 are in the application. Claim 27 has been amended and claim 62 has been 
newly added in this response. No new matter has been added by either the amendment or the 
newly added response. 

Applicant and his attorney wish to thank Primary Examiner Nguyen for the courtesy of 
the telephone interview held on October 13, 2006. 

Applicant's understanding of that interview, in summary fashion, is that after Applicant 
and the Examiner discussed the 35 USC 102 rejection over Williams, the Examiner stated and 
agreed that Williams did not teach multiple protocol layer security, as pointed out in Applicant's 
remarks below. Examiner also stated this covers all the claims (other than claim 27), including 
independent claim 2 which has 35 USC 103 rejection. However, there was no agreement as to 
allowable claims because there are still additional questions with respect to 35 USC 102 and the 
Examiner will issue a non-final Office action after an additional search and after reviewing this 
response. At that point the Examiner may extend the courtesy of another interview in order to 
bring the examination to an early conclusion. 

In addition, in discussing the amendment to Claim 27 in this response, the Examiner 
raised a question about where the term "accelerating" appears in the specification as filed. 
Applicant's position on this is set forth on page 25 below. 

First Rejection of Office Action 

Claims 1, 3-19, 26-38 and 40-60 have been rejected as anticipated by U.S. Patent No. 
US 6,304,973 B1 ("Williams"). That rejection is respectfully traversed for the failure of Williams 
to include all elements and limitations of the rejected claims. 

Axiomatically, rejection of a claim for anticipation by a reference requires that the 
reference contain, explicitly or inherently, all of the steps (or elements) and limitations of the 
rejected claim. 

Independent Claims 1, 9, 26, 28, 31, 34, 40, 45, 50, 51, 52, 55, 58: 
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Regarding the above independent claims, each claim requires as part of a combination 
that the security system provide multiple protocol layer security stated as: "said security system 
providing multiple protocol layer security in said network. " 

Nowhere in Williams is a multiple protocol layer security described or suggested. 

The Examiner has stated that Williams teaches a security network system that operates 
by providing "security at layer-3 and multi-level security as well." The Applicant agrees with this 
assertion of the Examiner. But this statement does not assert that Williams provides multi layer 
security, only multi level security. 

The Examiner then states "Refer to Fig. 4, multiple layer security is shown in Regions B 
and C to provide security to the network, but operate at different layers of the OSI model (see 
col. 9, lines 10-50). For instance, region B operates by providing layer-3 protection (i.e. 
encryption) that ensures communication secrecy in the network (see col. 9, lines 15-25). Region 
C, however, operates by providing Layer-4 security protection in the same network as region B 
(col .9, lines 40-50)." Applicant respectfully disagrees with the Examiner on various aspects of 
these assertions. 

First, Williams clearly articulates in the Summary of the Invention [col. 4, lines 25-32] that 
the invention is for security at OSI layer 3 as: " It is a further object of the invention to provide a 
secure network in which the security mechanisms are at layer 3 of protocol hierarchy. It is 
another object of the invention to provide a centralized administration of a layer 3 secure 
network ... ". That is, Williams asserts that security is only at layer 3, not at layer 4 and, 
therefore, Applicant submits that Williams does not provide multilayer security as the Examiner 
asserts. 

Second, the paragraph cited by the Examiner [lines 10-50 of col. 9] also clearly 
articulates that the security devices operate at layer 3 of protocol hierarchy. This is as stated in 
line 21 of col. 9 as: " The devices 18 operate within layer 3 of the protocol hierarchy and provide 
a cryptographic foundation that assures communications secrecy and communicates integrity ". 
Again, Williams teaches security only within layer 3. It does not teach security at layer 4 and, 
again, Applicant submits that Williams does not provide multilayer security. 

Third, the Examiner states that col. 9 lines 40-50 show that Region C operates by 
providing layer-4 security protection. However the entire paragraph (lines 40-50) does not have 
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the term "security" in it nor does it indicate that the systems in Regions C and D provide layer-4 
security. Instead the cited lines primarily list these systems and which layer they run at and, as 
pointed out by the Examiner, that "region C includes host computers 14, server 16, TCP/IP 
protocol stack, application programs, and users". Thus, applicant submits that layer-4 security 
is not taught by Williams. It is not clear from the Office action exactly what from this paragraph 
the Examiner considers Region C providing layer-4 security. However if the Examiner insists 
this to be present in Williams, Applicant respectfully requests the Examiner to clearly show what 
part of this paragraph expressly teaches multiple protocol layer security. 

It may be that the Examiner considers the MLS (Multi-Level Security) or multiple levels 
of security to be multi-layer security as described by the Examiner in the "Response to 
Arguments" section. There the Examiner states: "Examiner believes that Williams discloses ... 
and multiple protocol layer security (see Abstract and col. 4, lines 25-35 and col. 10, lines 55-65; 

If this is so, multiple Level security, and not multiple Layer security, is defined by Williams 
in col. 1 lines 25-30 and described again in col. 13 lines 31-35 and figure 6 as follows: " The term 
* multi-level security' refers to a system in which two or more classification levels of information 
are processed simultaneously, and not all users are cleared for all levels of information present " 
(see [col. 1 lines 25-30]). Further, Williams states: " As shown in FIG. 6, the network 10 is 
capable of supporting up to 256 hierarchical security levels and at least 65,535 non-hierarchical 
categories " (see [col. 13 line 31]). Thus it is very clear from Williams that multiple level security 
has 256 security levels which is totally different from an OSI model with seven layers which is 
required in the above independent claims in Applicant's invention stated as: " said security 
system providing multiple protocol layer security in the said network ". 

Further, the lines cited by the Examiner clearly articulate that the security devices 
operate at only one protocol layer (network layer which is layer 3) of the protocol hierarchy, 
stated in the "Abstract" section as: "The security devices are interposed, between each of 
workstations, including the NSC, and the common medium and operate at a network layer 
(layer 3) of the protocol hierarchy." 

Further still, col. 4 lines 25-35 cited by the Examiner emphasize the same point very 
clearly stated as: "It is a further object of the invention to provide a secure network in which the 
security mechanisms are at layer 3 of protocol hierarchy . It is another object of the invention to 
provide a centralized administration of a layer 3 secure network ...". Thus Williams even calls it 
"a layer 3 secure network." Thus, Williams is not a multilayer secure network. 
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Finally, the cited lines of Williams state: "It is another object of the invention to provide a 
multi- level secure network having a security device coupled between each host and the network 
medium". 

Accordingly, Williams does not explicitly teach, disclose, or illustrate the "multiple 
protocol layer security" element of the Applicants' claims. Instead, Williams discusses only a 
multi-level secure network, which is a different matter altogether from multi-layer secure 
network. Further, if this multiple protocol layer security element is considered by the Examiner 
to be inherent in Williams, Applicant respectfully requests the introduction of extrinsic evidence 
clearly showing that the omitted material is necessarily present in Williams and that it would be 
so recognized by persons of ordinary skill. In this regard, see In re Robertson , 49 USPQ2d 
1949 (Fed. Cir. 1999). Alternatively, the Applicant respectfully requests withdrawal of this 
rejection. 

The Applicant can also provide detailed description on various other elements of the 
claims that are also not taught, disclosed or illustrated by Williams if the Examiner requires this. 

Claims 3-8, 17 and 19, depending from allowable claim 1, are also allowable for the 
same reasons stated above. 

Claims 10-16, and 18, depending from allowable claim 9, are likewise allowable. 

Claims 29, 30 and 33, depending from allowable claim 28, are also allowable for the 
same reasons stated above. 

Claims 35-38, depending from allowable claim 34, are likewise allowable. 

Claims 41-44, depending from allowable claim 40, are likewise allowable. 

Claims 56 and 57, depending from allowable claim 55, are likewise allowable. 

Independent Claims 31. 45, 52, 58: 

In addition to the points made above with respect multiple protocol layer security, 
independent claims 31, 45, 52, 58, also provide for a combination for providing a security 
system for a storage area network . As stated by the Examiner in the Section 103(a) rejection in 
this office action: "Williams is silent about storage area networks." Hence even by the 
Examiner's own statement, the first requirement of this claim is not met by Williams. Therefore, 
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Applicant respectfully requests withdrawal of this rejection. Further, if the Examiner meant to 
reject these claims under section 103(a) as being unpatentable over Williams in view of 
Twomey, the Applicant respectfully disagrees with that assertion as well because the 
combination of Williams and Twomey do not teach each and every aspect of these claim since 
neither Williams nor Twomey or a combination of them teach, disclose or illustrate "multiple 
protocol layer security" as stated above. 

Accordingly, Williams, even in view of Twomey, does not explicitly teach, disclose, or 
illustrate "multiple protocol layer security" element of the Applicants' claims under discussion. 
Further, if this element is considered by the Examiner to be inherent in Williams, Applicant 
respectfully requests the introduction of extrinsic evidence clearly showing that the omitted 
material is necessarily present in Williams and that it would be so recognized by persons of 
ordinary skill. In this regard, see In re Robertson , 49 USPQ2d 1949 (Fed. Cir. 1999). 
Alternatively, the Applicant respectfully requests withdrawal of these rejections. 

The Applicant can also provide detailed description on various other elements of the 
claims under discussion that are also not taught, disclosed or illustrated by Williams, even in 
view of Twomey, if the Examiner requires it. 

Claims 32, 39 and 61, depending from allowable claim 31, are also allowable for the 
same reasons stated above. 

Claims 46-49, depending from allowable claim 45, are likewise allowable. 

Claims 53-54, depending from allowable claim 52, are likewise allowable. 

Claims 59 and 60, depending from allowable claim 58, are likewise allowable. 

Independent Claim 27: 

Claim 27 has been amended to substitute "accelerating" for "providing." That is, the 
hardware processor of Applicant's invention accelerates the protocol processing stack as 
indicated in the first two paragraphs of Applicant's "Summary of the Invention." To the extent 
that Williams teaches a protocol processing stack, Williams does not teach accelerating the 
protocol processing stack. Indeed, the word "accelerating" does not even appear in Williams, 
because Williams does not recognize the benefits of accelerating a protocol processing stack. 
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In this regard, the term "accelerate" and its various other forms such as "accelerator", 
"acceleration", and "accelerated" appear at a number of places in this application as originally 
filed, and these terms are used in precisely the way "accelerating" is used in claim 27 as 
amended. 

For example, page 2, line 5 states that "new hardware solutions would accelerate the 
TCP/IP stack to carry storage and network data traffic..." Applicant's invention is one of those 
solutions that would "accelerate" the TCP/IP stack. 

Page 16, line 30 to page 17, line 5 also indicates that the architecture described in this 
patent can be used for high performance TCP/IP and also that the TCP/IP engine can be 
augmented with application specific packet accelerators to leverage the architecture, and gives 
examples as to how this might be done. 

Likewise, page 17, lines 19-20 states that "New hardware solutions will accelerate the 
TCP/IP stack to carry storage and network traffic and be competitive to FC based solutions. 
Thus, again, acceleration is taught in the instant application as originally filed. 

Finally, teaching of acceleration in accordance with this application is seen at page 18, 
lines 24-25: "The storage protocol, like iSCSI, can be built in software running on the host 
processor or may, as described in this patent , be accelerated using hardware. 

Accordingly, Williams does not explicitly teach, disclose, or illustrate each and every 
element of claim 27. Specifically, Williams does not teach accelerating a protocol processing 
stack. Further, if each element of claim 27, specifically, accelerating a protocol processing 
stack, is considered by the Examiner to be inherent in Williams, Applicant respectfully requests 
the introduction of extrinsic evidence clearly showing that the omitted material is necessarily 
present in Williams and that it would be so recognized by persons of ordinary skill. In this 
regard, see In re Robertson , 49 USPQ2d 1949 (Fed. Cir. 1999). Alternatively, the Applicant 
respectfully requests withdrawal of this rejection. 

Second Rejection of Office Action 

Claims 2, 20-25 were rejected under 35 USC §1 03(a) as being unpatentable over Williams in 
view of Twomey (U.S. Patent Application No. 2003/0131228). 

As to claims 2 and 20-25 , the Examiner stated that: 
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"Williams teaches all of the above described features, however, Williams is silent 
regarding a storage area network (SAN). Twomey discloses a system for a SAN that handles 
both secure and regular types of network security (see [0006, 0027]). Motivation to combine the 
SAN of Twomey with security network of Williams is evident from background portions of their 
respective specifications. For instance, Williams discloses the need for security networks that 
operate at various layers of the network layer hierarchy and provide centralized administration 
(emphasis added).... Similarly, Twomey discloses the need to provide encryption for a network 
system to prevent unauthorized access to a private network (see [0034]). The system includes a 
security processor for handling secure data traffic and utilizes security protocols (i.e. Ipsec)." 

Independent Claim 2: 

Applicant respectfully submits that the obviousness rejection is incorrect. 

As Applicant's first reason for this, Applicant respectfully asserts that Williams does not 
teach all of the described features of claim 2. Further, a combination of Williams and Twomey 
also does not teach all of the described features of claim 2. Applicant respectfully asserts that 
Williams does not teach a security network system that operates by providing security at various 
protocol layers of the protocol layer hierarchy, unlike the assertion by the Examiner. Williams 
does teach multilevel security, which is different in kind from multiple OSI layer security. As 
stated for the claims (1, 9, 26, 28, 31, 34, 40, 45, 50, 51, 52, 55, and 58) above, nowhere in 
Williams or Twomey is "multiple protocol layer security" described or suggested. 

As Applicant's second reason , the Applicant respectfully asserts that claim 2 sets forth a 
combination for providing a security system for a storage area network. The claim requires "a 
plurality of said set of [one or more networkedl systems comprising a hardware processor 
providing transport layer protocol processing. " Nowhere in Williams is plurality of networked 
systems comprising a hardware processor providing transport layer protocol proc essing 
described or suggested. 

As stated by the examiner, Williams is silent regarding a SAN but Twomey discloses a 
system for a SAN. But while Twomey does talk about protocol processing in a few places in the 
application, e.g. in paragraph 0042 of Twomey, protocol processing is defined as "On the other 
hand, if the packet is not encrypted, the first integrated processor 22A may perform protocol 
processing on the packet ... The protocol processing may include, for example, determining the 
target of the packet on the switch fabric (e.g. a storage device in the embodiment of Fig 1) and 
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transmitting information to the switch fabric card indicating the target for routing of the packet to 
the target. The memory 26A may include various databases which may be used in protocol 
processing (e.g. database mapping IP addresses to switch fabric addresses or other routing 
information) ". Thus Twomey defines IP address look-up and transmitting the information as 
protocol processing . Prior to this, paragraph 0039 of Twomey states packet processing as "a set 
of flowcharts are shown illustrating various operations of one embodiment of the integrated 
processors 22A-22B for processing packets . More particularly, the flowcharts of FIGs. 3-7 may 
represent the operation of integrated processors 22A-22B when executing sets of instructions 
programmed for the integrated processors." But neither this description nor the flow charts in 
Twomey describe or suggest a transport layer protocol processing . Thus, nowhere in 
Williams or Twomey is plurality of networked systems comprising a hardware processor 
providing transport layer protocol processing (and providing multiple protocol layer 
security) described or suggested. 

Accordingly, neither Williams nor Twomey explicitly teaches, discloses, or illustrates 
each and every element of claim 2. Further, Applicant respectfully asserts that the combination 
of Williams and Twomey together fails to disclose or suggest all elements of claim 2. Hence, it 
would not have been obvious to one of ordinary skill in the art at the time the invention was 
made to have combined these two network security systems and arrive at all the features 
disclosed in claim 2. 

Further, if each of the missing element of claim 2 is considered by the Examiner to be 
inherent in the combination of Williams and Twomey, Applicant respectfully requests the 
introduction of extrinsic evidence clearly showing that the omitted material is necessarily present 
in the combination of Williams and Twomey and that it would be so recognized by persons of 
ordinary skill. In this regard, see In re Robertson , 49 USPQ2d 1949 (Fed. Cir. 1999). 
Alternatively, the Applicant respectfully requests withdrawal of this rejection. 

The arguments above as to claim 2 also apply to claims 20-25 which depend from claim 2. 

New Claim 62 

Claim 62 has been newly added. This claim goes to a multiple protocol layer security 
system having a hardware processor accelerating a protocol processing stack. As stated above 
j n these Remarks, no reference or combination of references shows multiple layer security, and 
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no reference or combination of references shows a hardware processor for accelerating a 
protocol processing stack. Therefore, Applicant submits that claim 62 is allowable. 

In view of these remarks, it is submitted that the claims of this application are patentably 
distinct from the references of record. Applicant asserts that all claims are allowable and 
requests that the above rejections be withdrawn and the claims be passed to issue. 

The Commissioner is hereby authorized to charge any additional fees or credit any 
overpayment that may be associated with this communication to Deposit Account No. 07-1896. 



DLA PIPER US LLP 
2000 University Avenue 
East Palo Alto, CA 94303-2248 
Attn: Patent Department 
Telephone: (916) 930-3239 
Facsimile: (916)930-3201 
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Respectfully submitted, 
DLA PIPER US LLP 



Dated: October 19, 2006 
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